In article <66e75848041015193427c2c6f7@mail.gmail.com> you wrote: > It was a Syn flood, so the easy answer here is to let it through and > let the target hosts deal with it directly. Typically the problem with DDOS Traffic is in the routers, because this will kill route caches (or hit the router CPU too often). Host with decent syn cookie support should handle it pretty well, as long as the link is snot flooded (in taht case you cant do anyhin beside asking the isp to filter, anyway) > i.e. is there any hope of me using some kind of linux box to protect a > 1Gb internet link. Yes you can use it to not route any traffic, tha would protect your link :) Greetings Bernd -- eckes privat - http://www.eckes.org/ Project Freefire - http://www.freefire.org/ - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
